General
-
Target
11c84267bce8ba8fd08a4e9c07d4bfc4959c2ecd7f956c8cd9ac52c7449d1ac8
-
Size
58KB
-
Sample
220212-gfs3xagfc2
-
MD5
401206f93416e8dffd01278c6bd7f2ed
-
SHA1
f520aefe8c7e9cfa1dbeef928928f251e83f8e7e
-
SHA256
11c84267bce8ba8fd08a4e9c07d4bfc4959c2ecd7f956c8cd9ac52c7449d1ac8
-
SHA512
1cff5f203b3583c8dd24abaa759cd96f7b0df55853c0667d4778e67f563abc5a7be7e124b5c40186b65d78aa331889cf6470396e24d194fc36aef3610051259a
Malware Config
Targets
-
-
Target
11c84267bce8ba8fd08a4e9c07d4bfc4959c2ecd7f956c8cd9ac52c7449d1ac8
-
Size
58KB
-
MD5
401206f93416e8dffd01278c6bd7f2ed
-
SHA1
f520aefe8c7e9cfa1dbeef928928f251e83f8e7e
-
SHA256
11c84267bce8ba8fd08a4e9c07d4bfc4959c2ecd7f956c8cd9ac52c7449d1ac8
-
SHA512
1cff5f203b3583c8dd24abaa759cd96f7b0df55853c0667d4778e67f563abc5a7be7e124b5c40186b65d78aa331889cf6470396e24d194fc36aef3610051259a
Score10/10-
Sakula
Sakula is a remote access trojan with various capabilities.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-